<?php
	include('config.php');
	
	echo '<html>';
	
	if(isset($_POST['uname']) && isset($_POST['email']) &&
			isset($_POST['pass']) && isset($_POST['pass2'])){
		
		$uname = htmlentities(addslashes($_POST['uname']));
		$email = htmlentities(addslashes($_POST['email']));
		$pass = addslashes($_POST['pass']);
		$pass2 = addslashes($_POST['pass2']);
		
		if($pass != $pass2){
			echo '<body onload="error()">
					<script type="text/javascript">
						function error(){
							alert("Passwords don\'t match!");
						}
					</script>';
		}else if($email == ''){
			echo '<body onload="error()">
					<script type="text/javascript">
						function error(){
							alert("Email can\'t be blank!");
						}
					</script>';
		}else if($uname == ''){
			echo '<body onload="error()">
					<script type="text/javascript">
						function error(){
							alert("Username can\'t be blank!");
						}
					</script>';
		}else if($pass == ''){
			echo '<body onload="error()">
					<script type="text/javascript">
						function error(){
							alert("Password can\'t be blank!");
						}
					</script>';
		}else if(strlen($uname) > 20){
			echo '<body onload="error()">
					<script type="text/javascript">
						function error(){
							alert("Username must be under 20 characters!");
						}
					</script>';
		}else{
			$query = 'SELECT U.username FROM USERS U WHERE username = \'' . $uname . '\'';
			$results = mysql_query($query);
		
			if(mysql_num_rows($results) >= 1){
				echo '<body onload="error()">
						<script type="text/javascript">
							function error(){
								alert("Username already exists!");
							}
						</script>';
			}else{
				$uid = mt_rand(10000000, 99999999);
				
				$query = 'SELECT U.username FROM USERS U WHERE user_id = \'' . $uid . '\'';
				$results = mysql_query($query);
			
				while(mysql_num_rows($results) >= 1){
					$uid = mt_rand(10000000, 99999999);
				
					$query = 'SELECT U.username FROM USERS U WHERE user_id = \'' . $uid . '\'';
					$results = mysql_query($query);
				}
				
				$query = 'INSERT INTO USERS VALUES ('. $uid . ', \'' . $email . '\', \'' . $uname . '\', \'' . md5($pass) . '\', 0);';
				mysql_query($query);
				
				$subject = 'Oregon State Android Developers';
				$body = 'Welcome to the OSU Android Developers community!  Please visit the following link in order to activate your account:  http://web.engr.oregonstate.edu/~phillir2/project/activate.php?id=' . $uid;
					
				if (mail($email, $subject, $body)) {
					echo '<body onload="thanks()">
						<script type="text/javascript">
							function thanks(){
								alert("Thanks for registering.  An activation/confirmation email has been sent to ' . $email . '");
							}
						</script>';
				} else {
					echo("<p>Message delivery failed...</p>");
				}
			}
		}
	}else{
		echo '<body onload="error()">
				<script type="text/javascript">
					function error(){
						alert("There was an error processing your request");
					}
				</script>';
	}
	
	echo '</body></html>';
	
	mysql_close($mysql_handle);
	
	header('Location: index.php');
?>